Living off the Cloud Attacks - You Should Know About Them

Explore the evolving landscape of cloud-based attacks in this DevSecCon conference talk. Delve into the misconceptions surrounding cloud security, examining why companies often underestimate attackers and rely too heavily on IP-based security measures. Learn about the persistent threat of trusted cloud applications being exploited for malicious purposes, including examples of APT29 using cloud platforms for command and control and data exfiltration. Gain insights into common cloud-based attack methods, understand why traditional detection methods fall short, and witness a live demonstration of malware communicating via API. Acquire valuable knowledge on how these attacks are executed, along with strategies for detection and prevention. Discover the importance of adapting security measures to address the unique challenges posed by cloud environments and leave equipped with practical approaches to enhance your organization's cloud security posture.

Introduction
Overview
Traditional Approach
Dynamic Approach
Cloud Era
Living off the Cloud
Command and Control
The Attacker
Demo
The Good and Bad
How to mitigate
Heuristics
Questions